feat(basic): 简单设计了 Http 的 Basic 验证

2026-01-15 03:35:05 +08:00 · 2023-11-08 15:07:44 +08:00
parent 2e0275a31d
commit 737540a5b8
2 changed files with 36 additions and 1 deletions
--- a/docs/overview.md
+++ b/docs/overview.md
@@ -22,6 +22,12 @@
 将用于交互的用户信息、收货地址等，包装成 Resource，类似 Model 的方式进行调用。

 ## 认证方式
+### Basic
+目前设计为主要用于 TDD 的单元测试场景。
+可以使用卫浴 *common.php* 中的 `common.token.basic.salt` 声明盐值
+
+### (TBD.) Digest
+
 ### Session/Cookie

 ### JWT
--- a/src/Middleware/AuthenticateMiddleware.php
+++ b/src/Middleware/AuthenticateMiddleware.php
@@ -2,7 +2,8 @@

 namespace Singularity\HDK\Auth\Middleware;

-use Hyperf\Di\Annotation\Inject;
+use Lmc\HttpConstants\Header;
+use OneSm\Sm3;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 use Psr\Http\Server\MiddlewareInterface;
@@ -10,8 +11,11 @@ use Psr\Http\Server\RequestHandlerInterface;
 use Singularity\HDK\Auth\Services\AuthenticationInterface;
 use Singularity\HDK\Core\Constants\CommonErrorCode;
 use Singularity\HDK\Core\Enumerations\Http\Header\RFCs\RFC7486;
+use Singularity\HDK\Core\Enumerations\Http\Header\RFCs\RFC7617;
 use Singularity\HDK\Core\Exceptions\Unauthorized;

+use function Hyperf\Config\config;
+
 /**
 * 通用鉴权中间件
 * Singularity\HDK\Auth\Middleware\AuthenticateMiddleware@HyperfAuth
@@ -33,6 +37,13 @@ class AuthenticateMiddleware implements MiddlewareInterface
        ServerRequestInterface $request,
        RequestHandlerInterface $handler
    ): ResponseInterface {
+        if ($request->hasHeader(Header::AUTHORIZATION)) {
+            [$method, $value] = explode(' ', $request->getHeaderLine(Header::AUTHORIZATION));
+            if ($method === RFC7617::BASIC) {
+                return $this->basic($request, $handler, $value);
+            }
+        }
+
        $token = $this->authentication->parseTokenFromHeaders();
        if (empty($token) || $token === 'null' || $token === 'undefined' || $token === 'false') {
            throw new Unauthorized(CommonErrorCode::UNAUTHORIZED, null, RFC7486::HOBA);
@@ -43,4 +54,22 @@ class AuthenticateMiddleware implements MiddlewareInterface

        return $handler->handle($request);
    }
+
+    private function basic(
+        ServerRequestInterface $request,
+        RequestHandlerInterface $handler,
+        $value
+    ): ResponseInterface {
+        [$uid, $hash] = explode(':', base64_decode($value));
+        $salt = config('common.token.basic.salt', 'Qfsd8866');
+        if ($hash !== md5($uid . $salt)) {
+            throw new Unauthorized(authenticationType: RFC7617::BASIC);
+        }
+
+        $request = $request
+            ->withAttribute('authType', RFC7617::BASIC)
+            ->withAttribute('uid', $uid);
+
+        return $handler->handle($request);
+    }
 }